From cab35d601fbac059e6f851b5eab1c0cccca18199 Mon Sep 17 00:00:00 2001
From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>
Date: Sat, 14 Oct 2023 09:44:03 -0400
Subject: [PATCH] crypto/tls: fix cipher suite check when doing 0-RTT
 resumption

Change-Id: Ia50898308b80149f862457f9cd9f1123da4e6b6f
Reviewed-on: https://go-review.googlesource.com/c/go/+/498215
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Macrombi Lux <macrentals502@gmail.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
---
 handshake_client.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/handshake_client.go b/handshake_client.go
index cb56ca5..57e622f 100644
--- a/handshake_client.go
+++ b/handshake_client.go
@@ -376,7 +376,7 @@ func (c *Conn) loadSession(hello *clientHelloMsg) (
 	if c.quic != nil && session.EarlyData {
 		// For 0-RTT, the cipher suite has to match exactly, and we need to be
 		// offering the same ALPN.
-		if mutualCipherSuite(hello.cipherSuites, session.cipherSuite) != nil {
+		if mutualCipherSuiteTLS13(hello.cipherSuites, session.cipherSuite) != nil {
 			for _, alpn := range hello.alpnProtocols {
 				if alpn == session.alpnProtocol {
 					hello.earlyData = true